Basic Security - GE 889 Instruction Manual

DEVICE
NOTE:
NOTE

Basic Security

4–14
• The current limitation for the maximum number of Observer sessions from EnerVista is
three when the Communications card is present.
• When the communications card is not present, a maximum of two Observer sessions
may be initiated through EnerVista. If two Observers are connected, a third
connection is only allowed for an Administrator user. No Operator has access.
However, if an Operator is first connected, before any other user, only one Observer is
allowed and not two, so that an Administrator may always be able to connect. This is
because the maximum number of TCP connections from EnerVista, when the
Communications card is not present, is only three. (With a Communications card, the
maximum number of TCP connections is five.)
The 8 Series Basic Security supports three roles: Administrator, Operator and Observer.
The Main Settings Structure is available from Path:
LOGIN
The setting allows a user to login with a specific role.
1. Whenever a new role is logged in, the user is prompted with a display to enter
password.
2. If the user enters the wrong password, an "Authentication Failed!" message is
displayed
3. If the maximum failed authentications occur an "Account Blocked!" message is
displayed.
4. The Observer is the default choice and it does not require a password.
LOGOUT
This setting logs out the current user and logs in as Observer. If the user is already an
Observer, this setting does not apply. When logging out, a switch to Observer role is
performed.
CHANGE PASSWORDS
1. The Change local passwords menu is shown on the front panel and EnerVista on a
successful login of Administrator role.
2. If password complexity is enabled, the rules as defined in the Password Complexity
section must be obeyed. If password complexity is disabled this setting accepts 1 to
20 alphanumeric characters.
See Path:
Setpoints > Device > Security > Change Local Passwords
3. The default password is "0", which is programmed from the factory.
4. The "login setting" in this menu is similar to that in the parent security settings.
5. The Observer does not have password associated with it. So there is no need to show
it in the list of password changing roles.
LOAD FACTORY DEFAULTS
The Administrator role can change this setting. This setting resets all the settings,
communication and Security passwords, and all records.
ACCESS LOCKOUT
Access lockout is the number of failed authentications (the default is 3 and the maximum is
99) before the device blocks subsequent authentication attempts for the lockout period. A
value of 0 shall mean Lockout is disabled.
ACCESS LOCKOUT PERIOD
Access lockout period is the period of time in minutes of a lockout (the default is 3 and the
maximum is 9999). A value of "0" means that there is no lockout period.
ACCESS TIMEOUT
Access timeout is the time of idleness before a logged in user is automatically logged out.
This timeout applies to all users, independent of the communication channel (serial,
Ethernet or direct access).
Setpoints > Device > Security.
889 GENERATOR PROTECTION SYSTEM – INSTRUCTION MANUAL
CHAPTER 4: SETPOINTS
.